Solved Driverstore explorer, safe to delete old drivers?


In addition to what garlin said, there is also a case to be made for removing drivers you’re not using to reduce the risk of a BYOVD attack. I know, I know, home users never get attacked, but they do generally run as administrator, making it super easy for a nefarious person to load an old, vulnerable driver that is just sitting on the drive. If the driver were not there, you wouldn’t be vulnerable to it.
I know this was posted back in Dec., but this is the first time I read the whole thread. I never heard of a BYOVD attack. How does the driver get infected, or is this something that must be mistakenly downloaded? I just backed up all of my drivers on my two desktops to OneDrive and then deleted all but one of my old drivers using DriverStore Explorer. The one I didn't delete was one that I would have had to force delete. I left it alone because it was listed as still running.
 

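The cleanup discussed in this thread starts with knowing which driver-store packages a newer version has superseded. The following is an added example, not code from any poster or from DriverStore Explorer, that reports them without deleting anything; the function name `Get-SupersededDriverPackage` and the sample packages are constructed for illustration.

```powershell
# Added example (not from the thread): read-only report of driver-store
# packages superseded by a newer package built from the same INF.
function Get-SupersededDriverPackage {
    param(
        # Objects shaped like Get-WindowsDriver output: Driver (oemNN.inf),
        # OriginalFileName, ProviderName, ClassName, Version, Date.
        [Parameter(Mandatory)] [object[]] $Package
    )
    # Packages sharing an original INF file name are versions of one driver.
    $groups = $Package | Group-Object { (Split-Path $_.OriginalFileName -Leaf).ToLowerInvariant() }
    foreach ($group in $groups) {
        if ($group.Count -lt 2) { continue }   # single version: nothing superseded
        # Newest first, by driver version and then by driver date.
        $sorted = @($group.Group | Sort-Object { [version]$_.Version }, { $_.Date } -Descending)
        $newest = $sorted[0]
        foreach ($old in $sorted[1..($sorted.Count - 1)]) {
            [pscustomobject]@{
                PublishedName = $old.Driver
                Inf           = $group.Name
                Provider      = $old.ProviderName
                Class         = $old.ClassName
                Version       = $old.Version
                SupersededBy  = '{0} ({1})' -f $newest.Driver, $newest.Version
            }
        }
    }
}

# Constructed sample data (hypothetical vendors, file names and versions).
$store  = 'C:\Windows\System32\DriverStore\FileRepository'
$sample = @(
    [pscustomobject]@{ Driver = 'oem12.inf'; OriginalFileName = "$store\examplegpu.inf_amd64_1111\examplegpu.inf"
                       ProviderName = 'Example GPU Vendor'; ClassName = 'Display'
                       Version = '31.0.15.1000'; Date = [datetime]'2023-01-10' }
    [pscustomobject]@{ Driver = 'oem47.inf'; OriginalFileName = "$store\examplegpu.inf_amd64_2222\examplegpu.inf"
                       ProviderName = 'Example GPU Vendor'; ClassName = 'Display'
                       Version = '31.0.15.5000'; Date = [datetime]'2024-06-02' }
    [pscustomobject]@{ Driver = 'oem30.inf'; OriginalFileName = "$store\exampleaudio.inf_amd64_3333\exampleaudio.inf"
                       ProviderName = 'Example Audio Vendor'; ClassName = 'MEDIA'
                       Version = '6.0.9000.1'; Date = [datetime]'2022-11-20' }
)

# On a live system, from an elevated prompt, pass (Get-WindowsDriver -Online)
# instead; without -All it lists the third-party packages in the driver store.
Get-SupersededDriverPackage -Package $sample | Format-Table -AutoSize
```

A listed package can be removed with `pnputil /delete-driver oemNN.inf`; without `/force`, pnputil refuses a package that a device is still using, which matches the driver left in place in the post above.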
Not to just give you a link, but this explains it well.


You saw how CrowdStrike wrecked things... similar to what's possible.
 

Forget BYOVD attacks. EDRSandBlast-GodFault bypasses Microsoft's vulnerable driver blocklist by, in lieu of attempting to exploit vulnerable drivers, exploiting an admin-to-kernel vulnerability that AFAIK still hasn't been fixed yet.

Forget vulnerable drivers - Admin is all you need — Elastic Security Labs

POC (Proof of Concept) :
 

There's always something.....

Thanks, looks like a good read.


Also, one of the Avast antivirus drivers was semi-recently used as a way to push malware and deploy it to devices.

 

The short version of the story is that Windows Security is, and always has been, an oxymoron. It immediately helps to explain why nothing of what I do for work as an Enterprise Java software developer ever comes in contact with Windows.
 

I personally believe, considering how vast and compatible Windows is, it's surprisingly decent security-wise. Windows 11 ruffles a lot of feathers for some people already. I would like to see Microsoft going further down this path, and start getting rid of really old legacy items so security can be better maintained and enforced. The older Windows OS still exist for the companies needing it to control older needed equipment, but modern systems on the internet should have tighter restrictions.

Linux, macOS, and ChromeOS were built from the ground up to attempt to be secure, with security as the foundation. Windows never had that luxury.

Microsoft has made a lot of strides in security, but they have a long way to go.

I still personally believe most home users should be using any operating system other than Windows. I like Chromebooks for the average user.

It is what it is.
 

On Windows, security is like leaving the key under the doormat. The improvements are that duct tape was used to tape the doormat firmly to the floor of your porch. This makes it harder for the intruders to lift up the doormat. The reality is that you still need to keep standing with both feet on the doormat 24/7 if you want it to be safe. The only real reason why Windows Security has come a long way is because it used to be like this:

 

It's a damn shame they don't put their programming skills to good use instead of trying to RIP everyone off.
 
